What is “Malware.AI.4209406916”?

Malware.AI.4209406916 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.4209406916 virus do?

  • Executable code extraction
  • Creates RWX memory
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Installs itself for autorun at Windows startup
  • Network activity detected but not expressed in API logs
  • Creates a copy of itself

How to identify Malware.AI.4209406916?


File Info:

type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

LegalCopyright: ©2017, Inc. All Rights Reserved.
InternalName: loader
FileVersion: 4.5.0.44990
CompanyName: Loader
SpecialBuild: stable36 stable
ProductName: Loader
ProductVersion: 4.5.0.44790
FileDescription: Win
OriginalFilename: loader
Translation: 0x0409 0x04e4

Malware.AI.4209406916 also known as:

K7AntiVirus: Trojan ( 0053fc801 )
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
ALYac: Generic.MSIL.Ransomware.Jigsaw.DCDC3723
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_90% (D)
K7GW: Trojan ( 0053fc801 )
Cybereason: malicious.2e0998
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: multiple detections
APEX: Malicious
Avast: Win32:PWSX-gen [Trj]
Kaspersky: HEUR:Trojan-Banker.MSIL.BitStealer.gen
BitDefender: Generic.MSIL.Ransomware.Jigsaw.DCDC3723
NANO-Antivirus: Trojan.Win32.Jigsaw.fahxig
MicroWorld-eScan: Generic.MSIL.Ransomware.Jigsaw.DCDC3723
Tencent: Win32.Trojan.Generic.Efuq
Ad-Aware: Generic.MSIL.Ransomware.Jigsaw.DCDC3723
Sophos: Mal/Generic-R + Troj/Jigsaw-L
Comodo: Malware@#28hkg7vgaem6k
BitDefenderTheta: Gen:NN.ZemsilF.34690.vn0@aiGDn@li
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.Generic.tc
FireEye: Generic.mg.f8cc69c2e09989dc
Emsisoft: Generic.MSIL.Ransomware.Jigsaw.DCDC3723 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Generic.fefel
Avira: TR/Jigsaw.dhtfi
eGambit: Unsafe.AI_Score_100%
Microsoft: Trojan:MSIL/Confuser.UI
Arcabit: Generic.MSIL.Ransomware.Jigsaw.DCDCDE8B
AegisLab: Trojan.Win32.Generic.4!c
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Generic.MSIL.Ransomware.Jigsaw.DCDC3723
McAfee: Artemis!F8CC69C2E099
MAX: malware (ai score=97)
Malwarebytes: Malware.AI.4209406916
Panda: Trj/GdSda.A
Rising: Trojan.Generic!8.C3 (CLOUD)
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/CoinStealer.AA!tr.pws
AVG: Win32:PWSX-gen [Trj]
Paloalto: generic.ml

How to remove Malware.AI.4209406916?

Malware.AI.4209406916 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.